path: root/modules/pam_stress
diff options
authorThorsten Kukuk <>2008-01-08 14:49:05 +0000
committerThorsten Kukuk <>2008-01-08 14:49:05 +0000
commitca2cb12dd3165ab006c674d673a2d596d642c875 (patch)
treeddf4f6dc4a8278c02279a6c137c15555d813af16 /modules/pam_stress
parentd48c90b14254794fcad9ccc37873a8c663cce02d (diff)
Relevant BUGIDs:
Purpose of commit: bigfix Commit summary: --------------- 2008-01-08 Thorsten Kukuk <> * doc/man/ Fix manual page dependencies, add hack for bug in xsl stylestheets. 2008-01-02 Petteri R├Ąty <> * modules/pam_limits/limits.conf: document allowed values for nice. * modules/pam_limits/limits.conf.5.xml: Likewise. and readd files wrongly deleted before.
Diffstat (limited to 'modules/pam_stress')
2 files changed, 64 insertions, 1 deletions
diff --git a/modules/pam_stress/.cvsignore b/modules/pam_stress/.cvsignore
index acf3f3bc..9fb98574 100644
--- a/modules/pam_stress/.cvsignore
+++ b/modules/pam_stress/.cvsignore
@@ -4,4 +4,3 @@
diff --git a/modules/pam_stress/README b/modules/pam_stress/README
new file mode 100644
index 00000000..e64bf2d3
--- /dev/null
+++ b/modules/pam_stress/README
@@ -0,0 +1,64 @@
+# This describes the behavior of this module with respect to the
+# /etc/pam.conf file.
+# writen by Andrew Morgan <>
+This module recognizes the following arguments.
+debug put lots of information in syslog.
+ *NOTE* this option writes passwords to syslog, so
+ don't use anything sensitive when testing.
+no_warn don't give warnings about things (otherwise warnings are issued
+ via the conversation function)
+use_first_pass don't prompt for a password, for pam_sm_authentication
+ function just use item PAM_AUTHTOK.
+try_first_pass don't prompt for a password unless there has been no
+ previous authentication token (item PAM_AUTHTOK is NULL)
+rootok This is intended for the pam_sm_chauthtok function and
+ it instructs this function to permit root to change
+ the user's password without entering the old password.
+The following arguments are acted on by the module. They are intended
+to make the module give the impression of failing as a fully
+functioning module might.
+expired an argument intended for the account and chauthtok module
+ parts. It instructs the module to act as if the user's
+ password has expired
+fail_1 this instructs the module to make its first function fail.
+fail_2 this instructs the module to make its second function (if there
+ is one) fail.
+ The function break up is indicated in the Module
+ Developers' Guide. Listed here it is:
+ service function 1 function 2
+ ------- ---------- ----------
+ auth pam_sm_authenticate pam_sm_setcred
+ password pam_sm_chauthtok
+ session pam_sm_open_session pam_sm_close_session
+ account pam_sm_acct_mgmt
+prelim for pam_sm_chauthtok, means fail on PAM_PRELIM_CHECK.
+required for pam_sm_chauthtok, means fail if the user hasn't already
+ been authenticated by this module. (See stress_new_pwd data
+ item below.)
+# data strings that this module uses are the following:
+data name value(s) Comments
+--------- -------- --------
+stress_new_pwd yes tells pam_sm_chauthtok that
+ pam_sm_acct_mgmt says we need a new
+ password